v1.2.6 | Hardened

[yuzeguitarist]

---

Release Notes v1.2.6

TL;DR

• 敏感检测更智能，减少误拦截
  优化银行卡号与证件号检测逻辑，降低长文本中的误判概率，复制报错/日志内容更容易正常入库。
  Improved bank-card and identity-number detection to reduce false positives in long text, so copied error/log content is more reliably saved.
• 标签记录稳定性修复
  修复重复复制同一内容时可能把已打标签记录重置成“未标签”的问题，标签不再容易莫名消失。
  Fixed a tag-loss case where recopying the same content could reset a tagged item back to “untagged”.
• 检测速度与稳定性提升
  调整匹配流程与前置判断，减少无效扫描，敏感检测在高频复制场景下更快更稳。
  Refined matching flow and pre-checks to cut unnecessary scans, making detection faster and steadier under frequent copy events.
• 隐私说明文案更透明
  在“设置 > 隐私”补充上传范围说明，明确仅上传最近 24 小时的内存曲线与相关报错信息，且均已脱敏。
  Added clearer wording in "Settings > Privacy" to explain that only the last 24 hours of memory curves and related error info are uploaded, with anonymization applied.
• 脚本插件联网授权更严格
  联网授权现在强绑定脚本哈希；脚本内容变化后不会继续沿用旧授权，需要重新授权。
  Network permission for script plugins is now strictly hash-bound; changed scripts no longer reuse old authorization and must be re-approved.
• 更新代理限流降级策略优化
  当 RATE_LIMITER 未配置或异常时，更新代理默认降级可用（避免直接 503）；如需严格拦截可开启 RATE_LIMIT_FAIL_CLOSED=true。
  The update proxy now degrades gracefully when RATE_LIMITER is missing or unhealthy (instead of hard 503); set RATE_LIMIT_FAIL_CLOSED=true for strict blocking behavior.
• 向量索引恢复后写入稳定性修复
  修复 vec 恢复完成后仍可能写回旧默认表，导致“恢复成功但紧接着 upsert 失败”的问题；恢复表现在会被优先选用。
  Fixed a case where vec writes could still target an old default table right after recovery, causing “recovery completed but immediate upsert failure”; recovery tables are now preferred.
• 向量旧表清理降噪与容错
  遇到 sqlite-vec 内部 shadow 表限制时，不再强行删除并反复刷 may not be dropped，改为延后清理，运行更稳定。
  Improved vec cleanup resilience: when sqlite-vec shadow-table restrictions apply, cleanup is deferred instead of force-dropping, reducing repeated may not be dropped noise.
• 存储整理与迁移安全保护增强
  在向量索引可用时跳过 VACUUM；存储迁移前若 WAL checkpoint 失败会中止迁移，降低向量索引结构不一致风险。
  Added safer storage maintenance/migration guards: skip VACUUM when vec is active and abort migration if WAL checkpoint fails, reducing vec-structure inconsistency risk.
• 向量回填判定与故障日志进一步修复
  backfill 调度只按 vec 虚拟表判断，避免 shadow 表误判为“无需回填”；同时修复 upsert 失败日志延后造成的时序误导，排障更准确。
  Backfill scheduling now checks only vec virtual tables (excluding shadow tables), and upsert-failure log timing is corrected to avoid misleading recovery-order impressions.

发布链路加固 / Security & Delivery Hardening

• 新增更新代理容错开关
  更新 Worker 新增 RATE_LIMIT_FAIL_CLOSED（默认 false），用于选择“限流器异常时放行”还是“严格拦截”。
  The update Worker adds RATE_LIMIT_FAIL_CLOSED (default false) to choose between fail-open and fail-closed behavior when the rate limiter is unavailable.

优化 / Improvements

• 统一敏感检测策略
  敏感检测不再依赖单一格式命中，而是结合上下文与内容形态做综合判断，整体可用性更好。
  Sensitive detection now uses a combined decision based on context and content shape instead of single-pattern hits, improving overall usability.
• 银行卡检测前置加速
  增加更轻量的前置校验，减少大文本场景下的不必要计算。
  Added lightweight pre-checks for bank-card detection to avoid unnecessary computation on large text.
• 呼出面板宽度与位置微调
  App 呼出面板左右各内收 7 像素，并整体上移 7 像素；高度保持不变，视觉更紧凑且继续居中。
  Tuned the popup panel layout by insetting 7 px on both sides and shifting it up 7 px while keeping height unchanged, preserving centered alignment with a tighter look.
• 队列模式状态栏对齐微调
  队列模式状态栏布局重新校准：左侧信息组整体右移 5 像素，右侧快捷提示与“清空/退出”整体左移 3 像素，视觉更平衡。
  Refined queue-mode status bar alignment: the left info group shifts 5 px right, while right-side hints and Clear/Exit shift 3 px left for a more balanced layout.
• 历史列表底层灰影与立体感移除
  去掉历史列表卡片下方的底层灰色衬底与立体阴影，列表区域改为更干净的平面观感。
  Removed the gray underlay and depth shadow beneath history cards to give the list area a cleaner, flatter appearance.

修复 / Fixes

• 修复深色模式“全部”标签圆点不可见问题
  修复深色模式下选中“全部”标签时左侧圆点过暗、几乎看不见的问题；现在会使用更清晰的浅灰指示色。
  Fixed poor visibility of the "All" tag dot in dark mode when selected; it now uses a clearer light-gray indicator color.
• 修复长文本误判导致“不保存”问题
  开启银行卡号检测或证件号检测时，部分 App 的长报错/日志文本可能被误判并拦截；现已显著缓解。
  Fixed a false-positive issue where long app error/log text could be blocked when bank-card or identity-number detection was enabled.
• 修复重复复制导致标签被覆盖问题
  当同一内容再次入库时，系统会保留原有手动标签，不再因为去重更新把标签清空。
  Preserved existing manual tags during duplicate-content upserts, preventing tag overwrite to untagged.
• 修复缺失文件自动清理误删问题（已打标签项）
  文件源路径失效时，已打标签的记录不再被自动清掉，只会标记为文件缺失。
  Tagged items are no longer auto-deleted when source files go missing; they are kept and marked as missing-file entries.
• 修复云端合并时本地标签被空标签覆盖问题
  云端记录为未打标签时，不再覆盖本地已有标签，减少多端同步后的标签丢失。
  Cloud merge now avoids overwriting an existing local tag when the incoming cloud record is untagged.
• 修复 vec 活跃表目标回退到默认表的问题
  维度映射不再持久化默认 vec 表；存在 recovery 表时会优先路由到 recovery，避免读写目标被错误切回旧表。
  Fixed vec active-table fallback behavior by no longer persisting default-table mappings; recovery tables are now preferred for read/write routing when present.
• 修复 vec 写入/搜索在切表窗口期命中旧表的问题
  向量写入与搜索前会重新解析当前活跃表，切表期间可自动自愈，减少 vec upsert internal error 的连锁失败。
  Fixed vec write/search routing during table-switch windows by re-resolving the active table before operations, reducing chained vec upsert internal error failures.
• 修复 vec 旧表清理触发内部表删除报错刷屏问题
  旧表清理不再直接处理 sqlite-vec shadow 子表（如 _chunks/_info/_rowids），失败场景会延后清理而非重复报错。
  Fixed repeated cleanup spam by avoiding direct deletion of sqlite-vec shadow subtables (such as _chunks/_info/_rowids); failed cleanup is deferred instead.
• 修复 vec 表枚举混入 shadow 表导致的误判问题
  vec 表枚举现已限定为 CREATE VIRTUAL TABLE ... USING vec0，避免把 _chunks/_info/_rowids 当成业务索引表参与判空、路由或清理。
  Fixed shadow-table pollution in vec-table discovery by restricting enumeration to CREATE VIRTUAL TABLE ... USING vec0, preventing _chunks/_info/_rowids from being treated as active index tables.
• 修复 vec 回填“无需执行”误判与失败日志时序误导
  回填判定改为基于真实 vec 虚拟表；同时将 upsert 失败日志判定前移到同次写入流程内，避免出现“恢复完成后才打印同次失败”的错觉。
  Fixed false “backfill not needed” decisions by basing checks on real vec virtual tables, and moved failure-log decisions into the same write flow to avoid delayed same-failure logs after recovery completion.

性能优化 / Performance

• 剪贴板主链路减负（减少主线程热区开销）
  合并规则判断路径，去掉重复 ignore 检查；同时把智能断行清理放到后台执行，降低高频复制时的主线程负担。
  Streamlined clipboard hot-path by removing duplicate ignore checks and moving smart line-break cleanup off the main thread to reduce UI pressure during frequent copies.
• 搜索兜底改为游标分页（替代 OFFSET 扫描）
  模糊搜索候选不足时，改用 keyset/cursor 分页补扫，避免数据量变大后 OFFSET 越查越慢。
  Replaced OFFSET-based fallback scans with keyset/cursor pagination for fuzzy search expansion, improving scalability on large datasets.
• 安全模式正则搜索降耗
  优化匹配流程，减少每条记录的临时字符串拼接；并按 limit 动态收敛扫描上限，降低 CPU 峰值。
  Optimized regex matching in security mode by cutting per-row temporary string joins and using a limit-aware scan cap to reduce CPU spikes.
• 批量行映射改后台并发执行
  row -> ClipboardItem 的批量转换不再占用数据库串行队列，减少分页与查询互相阻塞。
  Moved batch row -> ClipboardItem mapping off the DB serial queue to a background concurrent queue, reducing contention between pagination and queries.
• 存储统计后台化并加节流
  设置页“占用空间”目录遍历改为后台执行，并增加刷新节流与任务取消，减少设置页卡顿。
  Storage-size directory traversal in Settings now runs in background with throttling and cancellation to avoid UI hitches.
• 历史列表减少无效重排与赋值
  仅在确实需要时触发重排；并在顺序未变化时跳过数组重写，减少滚动与刷新时的额外开销。
  Reduced unnecessary history-list reordering and array rewrites by gating reorder triggers and skipping assignments when order is unchanged.

说明 / Notes

• 上传分析数据范围说明
  上传内容限定为诊断所需的最小范围，并保持脱敏处理，不包含其他个人信息。
  Diagnostics uploads are limited to the minimum required scope and remain anonymized, without other personal information.

升级建议 / Upgrade Notes

• 建议所有用户升级到 v1.2.6
  如果你经常复制调试日志、报错堆栈或长文本，升级后可明显降低被误拦截概率。
  Recommended for all users, especially if you frequently copy debug logs, stack traces, or long text, to reduce false blocking.

---

---

This discussion was created from the release v1.2.6 | Hardened.